Close
Enter your
text here

eDiscoveryDaily

Today’s the Day to Learn What You Need to Know About Cybersecurity and Data Privacy in 2017: Cybersecurity Best Practices

As we’ve recently noted (here and here), data breaches are happening within organizations at an alarming rate, and sensitive data is being compromised regularly.  It’s enough to make you wanna cry.  Here’s where you can find out what you can do to protect yourself, your firm and your client from becoming a victim and also what you need to do to keep up with ever-changing requirements for data security, both within the US and internationally.

Today at noon CST (1:00pm EST, 10:00am PST), CloudNine, along with our friends, the cybersecurity experts at Firm Guardian, LLC, will conduct the webcast What Attorneys Need to Know About Cybersecurity and Data Privacy in 2017.  This one-hour webcast will discuss what you need to know today about cybersecurity and data privacy to protect the sensitive data that your organization manages every day.  Examples of topics being discussed include:

  • The State of Cybersecurity in the U.S. in 2017
  • Top Threats Facing Your Practice
  • Your Responsibility to Your Clients: The High Cost of Data Leaks
  • How to Protect Your Firm and Your Clients
  • Recent Developments in International Data Privacy
  • Criteria for Evaluating Providers in Your eDiscovery Projects
  • Ethics Considerations
  • Looking Forward: The Future of Cybersecurity in the Legal Field

I’ll be presenting the webcast, along with Julia Romero Peter, General Counsel and VP of Sales at CloudNine and joining us from Firm Guardian will be Sean Hall, CEO at Firm Guardian and Paul Cobb, the company’s COO.  The Firm Guardian team has over 30 years of combined experience dealing with foreign and domestic cyber-threats against government and military targets.  So, they have a lot of good information to share to help your organization combat those threats!

To register for the webcast, click here.  Don’t be this firm.

So, what do you think?  Do cybersecurity and data privacy concerns keep you up at night?  They did for this lawyer.  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Few States Still Have an Ethics Opinion Regarding Lawyer Cloud Usage: eDiscovery Best Practices

The Legal Technology Resource Center (LTRC) of the American Bar Association’s (ABA) web site has a great resource for those who want more information regarding a variety of technical topics, including the ethics for lawyers in using and storing client data in the cloud.  However, few states so far have published ethics opinions on the topic.

On their site in a page entitled Cloud Ethics Opinions Around the U.S., the ABA provides an interactive map of the states (see the image of it above), with the states that have published ethics opinions shown in blue.  On the actual site, you can either click on the state to scroll down to it or manually scroll down to the state by name alphabetically (more or less, the list has “Nevada” after “New Hampshire”, “New Jersey” and “New York”, just sayin’).  According to the ABA, here are the states that have published ethics opinions (with links to each state’s opinion):

If you counted, that’s 21* total states with opinions – less than half of the total state jurisdictions.  When we covered this three years ago, there were only 14 states at that time, so that’s at least some progress.

If you don’t feel like reading all of the opinions word for word, the ABA site provides two tabs below the interactive map:

  • Quick Reference tab that identifies whether cloud usage for client data is permitted (so far, all of the states listed above say “Yes”), the standard for use (currently all states with opinions enforce a reasonable care standard) and a bullet point list of specific requirements or recommendations;
  • Opinion Summaries tab that provides a brief summary for each of the opinions.

As the site notes, “in most opinions, the specific steps or factors listed are intended as non-binding recommendations or suggestions. Best practices may evolve depending on the sensitivity of the data or changes in the technology.”  Also, the site identifies opinions (Arizona, New Jersey and Washington to date) where the opinions address issues which aren’t directly labeled cloud computing or software as a service, but which share similar technology (e.g.. online backup and file storage).

Hopefully, more states will follow the examples of these 21 states and publish their own opinions soon.

*Thanks to Mark C. Palmer for pointing us to the opinion in Illinois!

So, what do you think? Are you surprised that more states don’t have published cloud ethics opinions?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

You Have to Be Certifiable to be Privacy Shield Approved: eDiscovery Trends

At a session at The Master’s Conference Chicago event this week, there was an entire session dedicated to international eDiscovery and privacy considerations.  Some of the discussion centered around the General Data Protection Regulation (GDPR), which is set to take effect next year (in almost exactly one year).  Most of the rest of the discussion centered around the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks.

The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce.

On July 12, 2016, the European Commission deemed the EU-U.S. Privacy Shield Framework adequate to enable data transfers under EU law (we covered the announcement of the EU-U.S. Privacy Shield here and the formal adoption here). On January 12, 2017, the Swiss Government announced the approval of the Swiss-U.S. Privacy Shield Framework as a valid legal mechanism to comply with Swiss requirements when transferring personal data from Switzerland to the United States (we covered that one too here).

The Privacy Shield Principles lay out a set of requirements governing participating organizations’ use and treatment of personal data received from the EU and Switzerland. By joining the Privacy Shield, participants make a commitment to comply with these Principles that is enforceable under U.S. law.  There are several benefits to becoming Privacy Shield certified, with the most important being that, as a participating organization, you are deemed to provide “adequate” privacy protection, which is a requirement for the transfer of personal data outside of the European Union under the EU Data Protection Directive and outside of Switzerland under the Swiss Federal Act on Data Protection.

The Privacy Shield site is here and the page for U.S. businesses to understand the benefits and requirements of participation in the Privacy Shield is here.

If you go to this page here, you can actually search for companies that are Privacy Shield certified.  Surprisingly, only 2,150 organizations currently are certified at this point.  Of course, in the eDiscovery world, a lot of those organizations may not matter to you, so Rob Robinson (in his Complex Discovery blog) was kind enough to identify here the eDiscovery providers that are currently certified (he also includes PDF copies of both Privacy Shield Frameworks).  According to the list, there are 45 eDiscovery companies that are EU-U.S. Privacy Shield approved, of which only 17 are also Swiss-U.S. Privacy Shield certified.  CloudNine is both EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield certified.  Rob does note that the list may not be all inclusive, so check the link at the beginning of this paragraph if you have questions about a particular eDiscovery provider.

International data privacy issues and frameworks are one of the topics we’ll be discussing at our webcast on Wednesday, May 31.  For more info on where to register, click here.

So, what do you think?  Has your organization become Privacy Shield certified?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Daily will resume with new posts next Tuesday.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Where Does One Find Bitcoin to Pay the Hacker When Your Computer is Locked? An ATM, Of Course!: Cybersecurity Trends

Needless to say, cybersecurity and its challenges have become even more of a hot topic than ever, with ransomware stories becoming more prevalent (here are two stories we’ve covered in just the last two weeks).  If you want to learn more about how to prevent ransomware attacks, read below.  Regardless, based on a recent article, the currency used to pay those hackers their ransom is easier to come by than ever.

In the Ride the Lightning blog (Yes, You Can Get Bitcoins from an ATM), Sharon Nelson notes that she discovered a Bitcoin ATM in her local Shell station, which came with a sheet of instructions (replicated on her company site here).  The sheet of instructions includes a list of other places where you can find Bitcoin ATMs in the D.C. Metro area including other gas stations, two laundromats and a falafel shop.  Sharon took a photo of the ATM, which is displayed in her blog via the link above.

For those who don’t know, Bitcoin is a cryptocurrency and a digital payment system that was released as open-source software in 2009.  According to Wikipedia, over 100,000 merchants and vendors accept bitcoin as payment as of February 2015.

There’s even a site where you can get started with Bitcoin, which says “Bitcoin isn’t owned by anyone. Think of it like email. Anyone can use it, but there isn’t a single company that is in charge of it. Bitcoin transactions are irreversible. This means that no one, including banks, or governments can block you from sending or receiving bitcoins with anyone else, anywhere in the world. With this freedom comes the great responsibility of not having any central authority to complain to if something goes wrong. Just like physical cash, don’t let strangers hold your bitcoins for you, and don’t send them to untrustworthy people on the internet.”

Like cyber-hackers who hold your data for ransom, perhaps?

There’s even an investment market for Bitcoin.  Ars Technica published an article yesterday that noted that the price of Bitcoin has doubled just in 2017 and that a Marketwatch analysis showed that an investment of $1,000 USD in Bitcoin in July 2010 would be worth more than $35 million today!  Wow!

Hopefully, you only have to find out about Bitcoin for investment purposes, not because some cyber-hacker forced you to do so.  Ransomware attacks, and what to do about them is one of the topics we’ll be discussing at our webcast on Wednesday, May 31.  For more info on where to register, click here.

So, what do you think?  Have you ever owned Bitcoin or been involved in a Bitcoin transaction?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Denies Defendant’s Motion to Overrule Plaintiff’s Objections to Discovery Requests

Court Denies Defendant’s Motion to Overrule Plaintiff’s Objections to Discovery Requests: eDiscovery Case Law

In Wal-Mart Stores, Inc. et. al. v. Texas Alcoholic Beverages Commission, et. al., No. 15-00134 (W.D. Texas, Apr. 10, 2017), Texas Magistrate Judge Andrew W. Austin (no relation) denied the defendant’s motion to overrule the plaintiff’s objections to the defendant’s discovery requests, due to the fact that the plaintiff stated it was withholding documents based on each of the objections.

Case Background

In this dispute over the restriction of public companies to sell liquor in Texas, Judge Austin, after conducting a hearing to discuss the parties’ discovery dispute, noted “There was quite a bit of confusion at the hearing about precisely what relief TPSA is requesting in this motion.”  Ultimately, it was determined that the defendant was requesting the Court to overrule objections made by the plaintiff to each of the requests for production, which it assumed would mean that the plaintiff would be under “compulsion” to produce responsive documents, and any disagreements about the actual production could be addressed at that time.

Judge Austin also noted that the “cause of the confusion is not one-sided”, in that much of the confusion stemmed from the plaintiff’s “overabundance of caution” in responding under the new discovery rules, which now require that when a party makes an objection, it also state whether it is withholding any documents subject to that objection. In every one of its responses to the defendant’s requests, the plaintiff leveled one or more objection, and in each instance it stated that it is withholding documents pursuant to that objection.  As a result, the defendant was concerned that there were identified, responsive documents sitting on plaintiff’s counsel’s desk that had not been produced, any of which could be a “bombshell.”

In an exchange with plaintiff’s counsel for clarification, Judge Austin determined that the plaintiff had indicated it was withholding documents pursuant to each objection even if the plaintiff determined that the request was too broad and of such marginal relevance to even merit a search to find responsive documents and that the plaintiff expected it was likely that there were some responsive documents in its many offices and on its computer networks and that some of these documents would likely be privileged attorney client communications or work product.

Judge’s Ruling

With regard to the plaintiff’s statement that it was “withholding documents based on these objections”, Judge Austin noted that while it “may technically be accurate, it is not what the new rules were after in adding the requirement in Rule 34(b)(2)(C) that ‘an objection must state whether any responsive materials are being withheld on the basis of the objection.’”   Judge Austin indicated that “A more helpful response would have been something along the lines of ‘Based on these objections, Wal-Mart has not conducted a search for responsive documents, and while it is likely that some responsive documents may exist, Wal-Mart has not identified any such document, and is not withholding any identified document as a result of these objections.’”

Judge Austin also stated: “For most of the RFPs, Wal-Mart responded that it had already collected and produced documents in response to similar requests from the TABC, based on agreed upon search parameters, and would produce the same documents to TPSA. Further, Wal-Mart stated that it would conduct an additional limited search of additional document sources, but would otherwise not search further. TPSA failed to state in its briefs, or at the hearing, what it believed was deficient with this response. In fact, when asked at the hearing, TPSA was unable to point to a single additional document that would be responsive to its requests it believed had not already been produced. Despite this, TPSA continued to maintain that overruling Plaintiffs’ objections would solve this discovery dispute.”  Disagreeing, Judge Austin denied the defendant’s motion to compel.

So, what do you think?  Was the judge’s suggestion for handling objections in this case helpful?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

“Master” Your Knowledge of eDiscovery With This Conference in Chicago Today: eDiscovery Trends

For the second year in a row, I’m participating in The Master’s Conference 2017 Chicago event, which happens to be today.  If you’re in the Chicago area today, join me and other legal technology experts and professionals at The Master’s Conference event for a full day of educational sessions covering a wide range of topics!

The Master’s Conference brings together leading experts and professionals from law firms, corporations and the bench to develop strategies, practices and resources for managing the information life cycle.  This year’s Chicago event – “Deep Dish Data with Only Chopsticks to Manage It” – covers topics ranging from technology evaluations to forces changing eDiscovery to analytics and social media discovery.  Cybersecurity and data privacy are covered too.

The event will be held at Wyndham Grand Riverfront, 71 E Upper Wacker Dr, Chicago, IL 60601.  Registration begins at 8am, with sessions starting right after that, at 8:30am.

CloudNine will be sponsoring the session Data, Discovery, and Decisions: Extending Discovery From Collection To Creation at 1:45pm.  I will be moderating a panel that includes Matt Wolfe, Commercial Litigator with Shook, Hardy & Bacon, L.L.P., Ryan Tilot, Counsel with Seyfarth Shaw LLP and Mykhaylo Bulyk, Cyber Intelligence/Incident Response Manager for CDK Global.

Our panel discussion will discuss how big data is impacting today’s litigation landscape, the use of non-traditional tools and approaches, how more and more organizations are conducting “data discovery” pre-litigation and the impact of big data on cybersecurity.  It should be a very informative discussion with a very knowledgeable panel!  Hope you can join us!

Click here to register for the conference.  It’s a day well spent with sessions all day long, including the keynote at lunch.

This year, The Master’s Conference also has events scheduled for Denver, New York City, London(!), Washington DC and Orlando.  Click here for more information on remaining scheduled events for the year.

So, what do you think?  Are you in Chicago today?  If so, come join us!  And, as always, please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

The Tenth Annual eDiscovery Training Academy at Georgetown Law is Next Month: eDiscovery Best Practices

I’ve been remiss in not covering this before now, but the 10th Annual eDiscovery Training Academy will be coming up in a couple of weeks at the Georgetown University Law Center.  If you want a really in-depth training course with highly respected and knowledgeable instructors, this is as good a course as there is.

This year’s academy begins on Sunday, June 4, goes through Friday, June 9 and is designed to “fully immerse you in the subject of eDiscovery”. It features a highly personalized and interactive instructional approach designed to foster an intense connection among students, and one “where you will be essentially an apprentice: observing closely, questioning thoroughly, and intimately understanding the approach and knowledge of experts in the craft.”  Those experts are a renowned faculty including Craig D. Ball, Maura R. Grossman, Thomas O’Connor, and Mark S. Sidoti. Retired Magistrate Judge John M. Facciola will also provide additional guidance from a judicial and pragmatic point of view.

The program includes hands-on practice with tools and data at your computer, organized into exercises designed to help you become more comfortable and adept with both the fundamentals and intricacies of ESI.  And, you will learn about and discuss legal issues and concepts, including technology-assisted review, quality assurance, sampling, “legal hold” analysis, the use of Federal Rule of Evidence 502 to minimize the risks of inadvertent disclosure, attorney-client privilege, work product and limitations on waiver, and analyses of cost allocation, proportionality, and “not reasonably accessible” issues.

If you’re in big need of CLE credit hours, you get 26 credit hours (31.2, if your state uses a 50 minute credit hour), which includes 1.2 hours of ethics credit.  Georgetown Law is an accredited CLE provider in most MCLE states.

Click here for pricing information and to register.  There are discounts for Georgetown Law Alumni and Government employees, so, if you’re in one of those groups, you’re eligible for considerable savings.  If you’re interested in attending, time is of the essence – the Academy is limited to 60 participants, so register as soon as possible to reserve your place.

So, what do you think?  Have you been looking for comprehensive eDiscovery training for you or your staff? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Is Pricing Transparency Finally Happening in eDiscovery?: eDiscovery Trends

An age old issue in eDiscovery has been understanding and comparing pricing between various vendors and service providers.  It’s the old “apples vs. oranges” comparison when considering pricing.  A new article, which references a terrific benchmark test, may show that pricing transparency by at least two eDiscovery providers may be finally helping put eDiscovery pricing on common ground.

Rob Robinson’s article on his Complex Discovery blog (An eDiscovery Challenge: Pricing Consistency and Transparency) discusses how eDiscovery continues to challenge law firms and legal departments with a lack of consistency and transparency in pricing. Rob notes that this “lack of consistency and transparency appears to have many reasons with most originating from that fact that eDiscovery solutions (software and/or services) tend to be complex and require and understanding of need, volume, and duration before the configuration of a specific quote to assign a price to the value to be provided. However, with the advent of fourth generation eDiscovery solutions, it appears that some vendors are now comfortable enough with their understanding of the economics and capabilities of their solutions to publicly present pricing to current and potential customers.”

Rob shows how two eDiscovery providers (one of them happens to be CloudNine) have begun “publicly sharing the pricing of their technology solutions, providing an example of how consistent and transparent pricing can be highlighted leading eDiscovery vendors.”  He also references Craig Ball’s updated EDna Challenge from last year (which we covered here) that provides a hypothetical scenario where an eDiscovery solution needs to be provided for less than $5,000 under the following parameters:

  • Three Person Legal Team
  • Process, Search, Review, and Produce
  • 10 Custodians
  • 10-12 GB Total of Data
  • Up to 90 Day Review
  • Up to 21 Months Archiving

Under that framework, both solutions provide a cost estimate to address the hypothetical scenario.  Rob notes that “both offerings meet the technology and business challenges posed by the EDna Challenge”, but “the real value of this comparison is to present how the consistency and transparency of publicly published pricing allows for these types of comparisons without the need for specific challenges and with legal professionals being able to make initial comparisons without special or one-off quotes.”

Last year, for a presentation that I did for the State Bar of Texas, I wrote a white paper titled How SaaS Automation Has Revolutionized eDiscovery for Solo and Small Firms and the comparison of Craig’s 2009 EDna challenge (and the lack of full-featured solutions that could meet that challenge within the ascribed budget) to his 2016 EDna challenge (where several SaaS automation solutions could do so, albeit on a larger budget) was discussed in that white paper.  If anyone would like a copy, feel free to email me at daustin@cloudnine.com.  Hopefully, the trend toward pricing transparency continues and, thanks to Craig, we have a framework for truly comparing apples to apples.

So, what do you think?  Is comparing pricing from multiple eDiscovery vendors a challenge in your organization? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Reporting From the EDRM-Duke Law 2017 Spring Workshop: eDiscovery Best Practices

This blog post is a little longer than most as there is a lot to cover here…

This week, EDRM held its first Spring Workshop since it was acquired by Duke Law last August, which means this was the first workshop held at the Duke campus in Durham, North Carolina and it was unique in several ways.  Here are a few of highlights from the workshop.

Location

As I mentioned, the Workshop was held on the Duke campus in Duke Law School (conveniently and, by design, the school year has just ended).  The venue was excellent and the Duke campus is beautiful, with the law school about a mile from the hotel where many of the participants stayed.  Here’s a couple of examples.

Even the parking garages are architecturally impressive!

Attendees

There were about 50 participants at the workshop, and most of them (at least by my observation) were either law firm or service provider participants.  While there were a few familiar faces (I’ve been attending EDRM meetings since the second year in 2006), most of the people that I met and spoke with were first time attendees to an EDRM workshop.  I’m not sure if the reason for that was the change in locale, the primary project below being worked on (below), or both.  Regardless, it appears that a number of new people are interested in participating in EDRM, which is a clear indication that the importance of EDRM has remain unchanged after the acquisition by Duke.

Project Activities

The majority of attendees were participating in one primary project identified by EDRM as its top goal for the year: developing a user guide for Technology Assisted Review (TAR), with one team working on Cross Border Discovery.  After some initial introduction activities at the start of the workshop by John Rabiej (Director of Duke Law School Center for Judicial Studies), George Socha (founder of EDRM) and Jim Waldron (the new EDRM director) , the teams split into breakout groups to work in their specific teams on Tuesday, with follow-up breakout sessions completed yesterday.

Technology Assisted Review

The TAR effort was broken into three teams, working on various aspects of TAR, as follows:

Team 1: Led by Mike Quartararo of Stroock & Stroock & Lavan LLP, this team was formed to define TAR (and the types of TAR) and discuss use cases for TAR.

Team 2: Led by Adam Strayer of BDO Consulting, this team was formed to discuss factors to consider when deciding whether to use TAR, as well as factors to consider when selecting a TAR tool and service provider.  I am participating on this team.

Team 3: Led by Gareth Evans of Gibson Dunn, this team was formed to discuss “transparency” and “cooperation” considerations regarding TAR, as well as designing and implementing a sound TAR protocol and workflow.

In much the same way that Max McGee said “Coach, you’re going too fast” when Vince Lombardi started a training camp by telling his Green Bay Packer team that “This is a football”, Team 1 spent a lot of their time on Tuesday debating the definition of TAR and/or the appropriate scope of the user guide.  Since teams 2 and 3 were impacted by that discussion as well, the entire group re-convened yesterday morning to discuss the issue further.  The basic discussion came down to two issues:

  1. Whether the definition of TAR (and scope of the document) should be limited to supervised machine learning technology (commonly today called predictive coding) or should include unsupervised machine learning technologies (such as clustering and email threading), and
  2. Whether we should even call the process Technology Assisted Review, or use more specific terms (supervised/unsupervised machine learning), while referencing the more commonly used terms of TAR and predictive coding for continuity and familiarity.

As you can imagine, it was a spirited discussion with attendees having different viewpoints on the topic.  :o)  Aspects of the decisions are still being finalized, so I won’t jump the gun here (sorry, you’ll have to wait for the publication!).

The TAR team is TARgeting (no pun intended) an initial version of the guide for The Duke Conference on Technology Assisted Review (TAR) Best Practices in September 7th and 8th in Arlington, Virginia.

Cross-Border Discovery

A small team, led by Deena Coffman of BDO Consulting, began work on a cross border discovery project, with an initial primary focus on the General Data Protection Regulation (GDPR) regulation that enters into application on May 25, 2018.  Initial discussions focused on identifying manageable first steps that could serve as a building block and the group drafted initial language to formalize a proposed initial scope to be submitted soon to EDRM members with the process to be iterative to eventually (hopefully) lead to a Code of Conduct.  Deena also indicated that the group will also reach out to EDRM members for real life lessons and lessons learned in cross-border discovery.

Networking

Of course, one of the best benefits of attending an EDRM workshop is the opportunity to network with colleagues that also work in eDiscovery and share ideas, and this workshop was no exception.  At breakfasts, lunches, dinner, happy hour and within sessions, all of us were able to discuss a variety of topics (most work related, some not) with various attendees and learn how they address eDiscovery challenges in their organizations.  Speaking personally, this was the most enjoyable EDRM workshop I’ve attended in some time and I enjoyed seeing a lot of new faces at this year’s workshop getting involved in thought leadership in our industry.  That’s what EDRM is all about.

If you’re interested becoming a member of EDRM and participating in any EDRM project, click here for more information, including fee information and a link to a registration form.

So, what do you think?  Are you a member of EDRM?  Are you interested in becoming a member?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Denies Defendant’s Motion to Overrule Plaintiff’s Objections to Discovery Requests

Court Says Rule 37(e) Doesn’t Apply When Recording Was Intentionally Deleted: eDiscovery Case Law

In Hsueh v. N.Y. State Dep’t of Fin. Services, No. 15 Civ. 3401 (PAC) (S.D.N.Y. Mar. 31, 2017), New York District Judge Paul A. Crotty relied upon inherent authority to impose sanctions and determined “that an adverse inference is the appropriate remedy” for the plaintiff’s deletion of a recorded conversation with an HR representative, agreeing with the defendants that “Rule 37(e) applies only to situations where ‘a party failed to take reasonable steps to preserve’ ESI; not to situations where, as here, a party intentionally deleted the recording.”

Case Background

In this case arising from claims of sexual harassment at work, the plaintiff, at an April 2016 deposition, initially stated that she did not think she had recorded any conversations with an HR representative (Allison Clavery) from the company about her allegations, but eventually explained that she thought she had recorded one meeting with Clavery in either December of 2015 or January of 2016, and that she deleted the recording in “[e]ither the course of 2016 or 2015” because “the voice recording itself. . . was not very clear, so [she] did not feel it was worth keeping.”  As a result, in June and early July 2016, the defendants filed a motion for spoliation sanctions.

On July 11, 2016 — the day the plaintiff’s opposition to the spoliation sanctions motion was due — plaintiff’s counsel submitted a letter to the Court advising that “I received an e-mail from my client at 10:16 p.m. last evening, which contained an audio recording attachment of a meeting between my client and Allison Clavery.”  Plaintiff’s counsel noted that “the e-mail indicated that the recording had been recovered with the help of Plaintiff’s husband” and that plaintiff’s counsel stated that he was “awaiting any further instructions with regard to Defendant DFS’s motion.”  As a result, discovery was reopened and the plaintiff and her husband were deposed.  Despite recovery of the recording, the defendants continued to pursue spoliation sanctions, as they had only received materials relating to the plaintiff’s mental health history “over the past few weeks, despite requesting them back in December 2015.”

The defendants stated that it was unclear as to whether Rule 37(e) applied here, arguing that the audio recording might not be ESI and also arguing that Rule 37(e) applies only to situations where “a party failed to take reasonable steps to preserve” ESI; not to situations where, as here, a party intentionally deleted the recording.  The plaintiff, on the other hand, argued that, since the recording was restored, no sanctions were warranted.

Judge’s Ruling

With regard to the defendant’s argument that the recording is not ESI, Judge Crotty stated “The Court disagrees. The recording was made using a digital recorder, and was saved in a digital format.”

However, with regard to the defendant’s argument that Rule 37(e) doesn’t apply when the party intentionally deletes the recording, Judge Crotty said “This makes sense. The Committee Notes to the 2015 Amendment to Rule 37 explain that Rule 37(e) is meant to address ‘the serious problems resulting from the continued exponential growth in the volume of’ ESI as well as ‘excessive effort and money’ that litigants have had to expend to avoid potential sanctions for failure to preserve ESI…These considerations are not applicable here. It was not because Hsueh had improper systems in place to prevent the loss of the recording that the recording no longer existed on her computer; it was because she took specific action to delete it. The Court therefore concludes that Rule 37(e) does not apply.”

As a result, Judge Crotty, determining that “the Court may rely on its inherent power to control litigation in imposing spoliation sanctions”, ruled “that an adverse inference is the appropriate remedy” for the plaintiff’s deletion of the recording and granted the defendants’ motion for spoliation sanctions.

So, what do you think?  Should Rule 37(e) have applied here?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.